From ef72b4e4a1f6cb6fec26ac5db411b713b6735ad5 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sat, 1 Sep 2018 22:47:06 -0600 Subject: [PATCH 1/2] Update private profile view --- resources/views/profile/private.blade.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resources/views/profile/private.blade.php b/resources/views/profile/private.blade.php index dda823e3..8b04a4b4 100644 --- a/resources/views/profile/private.blade.php +++ b/resources/views/profile/private.blade.php @@ -8,11 +8,11 @@
-

+

{{__('profile.privateProfileWarning')}}

- @if(Auth::check()) + @if(!Auth::check())

{{ __('profile.alreadyFollow', ['username'=>$user->username])}}

{{__('Log in')}}

{{__('profile.loginToSeeProfile')}}

From 9608400f6fd8e07db94c687150d8ed8849d93b15 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sat, 1 Sep 2018 22:48:01 -0600 Subject: [PATCH 2/2] Update ProfileController to enforce private profiles --- app/Http/Controllers/ProfileController.php | 50 ++++++++++++---------- 1 file changed, 28 insertions(+), 22 deletions(-) diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index a1749975..2b9deb6b 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -42,27 +42,27 @@ class ProfileController extends Controller } if ($user->is_private == true) { - $isPrivate = $this->privateProfileCheck($user); + $isPrivate = $this->privateProfileCheck($user, $loggedIn); } if ($loggedIn == true) { - $isPrivate = $this->blockedProfileCheck($user); + $isBlocked = $this->blockedProfileCheck($user); } - if ($isPrivate == true) { + if ($isPrivate == true || $isBlocked == true) { return view('profile.private', compact('user')); - } else { - $owner = $loggedIn && Auth::id() === $user->user_id; - $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false; - $is_admin = is_null($user->domain) ? $user->user->is_admin : false; - $timeline = $user->statuses() - ->whereHas('media') - ->whereNull('in_reply_to_id') - ->whereNull('reblog_of_id') - ->orderBy('created_at', 'desc') - ->withCount(['comments', 'likes']) - ->simplePaginate(21); - } + } + + $owner = $loggedIn && Auth::id() === $user->user_id; + $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false; + $is_admin = is_null($user->domain) ? $user->user->is_admin : false; + $timeline = $user->statuses() + ->whereHas('media') + ->whereNull('in_reply_to_id') + ->whereNull('reblog_of_id') + ->orderBy('created_at', 'desc') + ->withCount(['comments', 'likes']) + ->simplePaginate(21); return view('profile.show', compact('user', 'settings', 'owner', 'is_following', 'is_admin', 'timeline')); } @@ -79,18 +79,24 @@ class ProfileController extends Controller return redirect($user->url()); } - protected function privateProfileCheck(Profile $profile) + protected function privateProfileCheck(Profile $profile, $loggedIn) { - if (Auth::check() === false) { - return false; + if (!Auth::check()) { + return true; } - $pid = Auth::user()->profile->id; - $follower_ids = $profile->followers()->pluck('followers.profile_id')->toArray(); - if (!in_array($pid, $follower_ids) && $pid !== $profile->id) { + + $user = Auth::user()->profile; + if($user->id == $profile->id) { return false; } - return true; + $follows = Follower::whereProfileId($user->id)->whereFollowingId($profile->id)->exists(); + if ($follows == false) { + return true; + } + + return false; + } protected function blockedProfileCheck(Profile $profile)